skip navigation

More signal. Less noise.

Daily briefing.

The US Federal Bureau of Investigation warns that hacktivists are increasingly turning their attention to law enforcement personnel and public officials. The Bureau suggests this is (relatively) new in being a direct cyber threat to natural persons, not the institutions with which they're associated.

The offense-defense dialectic moves back to an offensive moment as hackers assimilate lessons learned from last year's highly successful takedown of Gameover Zeus: banking botnets are back.

We've moving into the see-something, say-something phase of airline cyber awareness. The FBI and Transportation Security Administration (TSA) have warned airlines to be alert for signs of intrusion into or tampering with passenger Wi-Fi networks. For now the warning is based on a priori probability, not specific threat intelligence.

Recorded Future describes ways of subverting Tor anonymity.

WordPress has pushed out a patch.

Secunia's 2015 Vulnerability Review is out (and worth your attention).

Investors look at the cyber sector, like what they're seeing (but caveat lector — this sort of opinion is notoriously volatile), and explain what they're looking for.

Cyber legislation is moving through the US Congress. Among the most closely watch bills is one fostering information sharing. It passed the House this week, and business generally regards this as a good thing. (Members of Congress "now understand that companies can no longer fight the bad guys individually," TruStar CEO Paul Kurtz tells the New York Times.)

A reintroduced "Aaron's Law" would relieve researchers of (some) fear of prosecution as criminal hackers.

New US cyber doctrine features offensive capabilities.

Notes.

Today's issue includes events affecting China, Israel, Russia, United States.

Dateline RSA

RSA: Information sharing and approaches to making intelligence actionable (The CyberWire) RSA continues, with discussions of policy and technology. We interview Lookinglass, Onapsis, Neustar, Votiro, and NSS Labs

RSAC 2015: RSA Conference (Day 3) (CSO) InfoSec has lost its way, there are new DDoS trends emerging, and Hyatt customers need to watch their email

RSA chief to security pros: Stop addressing the wrong problems (Network World via CSO) RSA President Amit Yoran offers up a five-point plan to deal with the new security environment

Feeling Safe? Try Attending Internet Security Conference (AP via ABC News) A conference of Internet security experts is not for the faint of heart

At RSA Conference, Computer Security Done Right and Wrong (New York Times) The annual RSA security conference here is one of the largest gatherings of computer security professionals and companies in the world. It is also an opportunity for complaining and perhaps just a bit of navel gazing

The Real 'Next Generation' of Security Revealed at RSA (Threatpost) When it comes to the future development of secure software, there's really only one "next generation" that matters

RSA 2015: Panelists debate a way forward for matters of cyber conflict (SC Magazine) A cyber policy and foreign relations expert shared that, in order to truly curb intellectual property (IP) theft by cyber attackers in China, it will take more than government action

Cyber attacks against the US — the empire strikes back (CSO) John Carlin is an Assistant Attorney General at the Department of Justice in the US and runs the National Security Division. He is responsible for prosecuting cyber criminals in the United States that threaten the interests of the country

Government Giving 'No More Free Passes' To Cybercriminals (Dark Reading) At RSA Conference today, Assistant Attorney General for National Security John Carlin explained the government's new "all tools approach"" to cracking down on cyberespionage and other crime

Government cybersecurity experts push for better information sharing (TechTarget) At RSA 2015, former federal officials called for better government cybersecurity cooperation between agencies and with the private sector

Cybersecurity Experts: Internet of Things Punches Holes in Web Defense (Xconomy) Webcams may guard our homes against burglars, and Fitbits may protect us against the flab we'd put on without exercising

Lightning strike more likely than mobile malware (CSO) The threat of mobile malware infection is substantially overblown

Reporting cybercrime feels like 'Groundhog Day' (CSO) For those in the cybersecurity industry trying to get coverage from top-tier journalists in the field — and there are many thousands trying to do just that at RSA 2015 in San Francisco this week — here is what not to do: Pitch what everybody else is pitching. That is the best way to get them to ignore you

How CISOs can communicate risk to businesses (CSO) CISOs have been hearing for some time now that they need to learn how to "speak the language of business" better. It is one way to gain respect and avoid being viewed mainly as a scapegoat

Live from RSA Conference 2015: Video Interviews (BankInfoSecurity) Streaming video discussions with today's top security leaders

Zero-Day Malvertising Attack Went Undetected For Two Months (Dark Reading) Researchers at Malwarebytes tracked stealthy attack campaign that infected some major websites with malicious ads harboring ransomware

Juniper to team up with Cyphort for new threat intelligence platform (ARN) Cyphort to team up with Juniper Networks on APTs

Lookingglass Recognized as Fastest Growing Security Company of the Year at RSA Conference 2015 (BusinessWire) Robust growth of Lookingglass Cyber Solutions acknowledged by Info Security's Global Excellence Awards

Making password databases impossible to steal (Help Net Security) A new technology, called Blind Hashing, that prevents offline password attacks by making databases impossible to steal, has been introduced at RSA Conference 2015 by start-up TapLink

HP Rolls Out New User Behavior, Cloud Security Capabilities (eWeek) At the RSA Conference, HP is announcing partnerships and technologies, including the addition of user-behavior and cloud security capabilities

Core Security Releases Core Insight 4.5 to Address Chronic Vulnerability Management Issues in the Enterprise (IT Business Net) New features in Core Security's vulnerability management solution include interactive attack paths, enhanced exploit matching and filtering, flexible reporting and smart card authentication

Huawei, EdgeWave team up to combat cybersecurity threats (FierceITSecurity) Huawei is building on its announcement from earlier this week at RSA Conference 2015 with the introduction of a new cybersecurity solution that uses its USG3600 Series Next General Firewall, as well as the EdgeWave EPIC Security Assurance Service

ThreatStream to release first iOS "threat intelligence" app for Apple Watch (Newsmaine) In an announcement made on April 21, two-year-old startup ThreatStream — the company behind the Optic enterprise-class threat platform — said that it has efforts underway to release the first iOS "threat intelligence" app for the forthcoming Apple Watch smartwatch

Lastline Knowledge Base of Malware Intelligence With String Indexing Launches at RSA (BusinessWire) Vast, structured repository offers an average of 10 times more data per malware query than other threat intelligence stores

Qualys devises a virtual patch to protect against vulnerabilities (PC World) If you can't wait for that critical patch to secure your system from some just-discovered bug, IT security firm Qualys may have an answer, through new security software that can secure the trouble spot until the patch arrives

Auconet Unveils Enterprise Security Foundation (ESF) at RSA 2015 (PRNewswire) ESF adds 100% network discovery & visibility to fortify security solutions

Comodo Launches New Device Management Solution (HostReview) The Comodo organization, a global innovator and developer of cyber security solutions, today announced the next generation of its device management solution

Raytheon delivers end-to-end visibility to address cyber threats (Help Net Secuirty) At the RSA Conference 2015 today, Raytheon announced a new suite of solutions that can change the way companies address cybersecurity by helping enterprises operate in the face of sophisticated cyber threats

Automated protection of enterprise email, docs and data (Help Net Security) At RSA Conference 2015 TITUS launched TITUS Classification Suite 4, a significant new release of its flagship data identification and information protection suite

Thycotic Partners with Rapid7 for Enhanced Vulnerability Management (IT Business Net) Integration of Thycotic Secret Server and Rapid7 Nexpose offers improved privileged account security and credentialed scanning capabilities

IONU Security's Latest Products Deliver Attack Proof Data Across the Distributed Enterprise and Business-to-Business Ecosystem (Sys-Con Media) IONU Security Inc. [RSA Conference booth #2812] today announced the latest release of its IONU Mobile and IONU Pro Products. These products deliver capabilities allowing companies to protect critical information that is distributed across the entire business ecosystem and mitigate the consequences of insider and malware initiated attacks

Cyphort and Big Switch Networks Collaborate to Deliver the First Software-Based Advanced Threat Detection Solution Leveraging SDN (BusinessWire) Partnership to bring together next generation of software defined networking and threat intelligence

Cyber Attacks, Threats, and Vulnerabilities

Hacktivists Threaten to Target Law Enforcement Personnel and Public Officials (Federal Bureau of Investigation) Law enforcement personnel and public officials may be at an increased risk of cyber attacks

Bank Botnets Continue to Thrive One Year After Gameover Zeus Takedown (Dark Reading) Features on new botnets suggest attackers have learned from the lessons of takedown

Feds Warn Airlines to Look Out for Passengers Hacking Jets (Wired) In response to reports last week that passenger Wi-Fi networks make some planes vulnerable to hacking, the FBI and TSA have issued an alert to airlines advising them to be on the lookout for evidence of tampering or network intrusions

Stripping Tor Anonymity: Database Dumps, Illegal Services, Malicious Actors, Oh My! (Recorded Future) Malicious actors using the Onion Router (Tor) value the anonymity the network provides — as it allows connections through a series of virtual tunnels, obfuscating who is accessing a site or service, what is being accessed, and what is being sent and received

How to crash any iPhone or iPad within WiFi range (Tripwire: the State of Security) Security researchers presenting at this week's RSA Conference in San Francisco, have uncovered a whole new compelling reason to switch off your phone

Malware Uses Invisible Command Line Argument in Shortcut File (Softpedia) Janicab poses as a JPG shortcut but points to Command Prompt

Why U.S. Grid Still Vulnerable to Cyber Attack (Wall Street Journal) Utilities and their business partners play an unintentional role in increasing the electrical grid's vulnerability to cyber attack

Officials: MCA Testing Suspended Due To Cyber Attack (CBS Minnesota) It wasn't just a computerglitch that caused the state to temporarily halt the annual school test known as the MCAs

Security Patches, Mitigations, and Software Updates

WordPress 4.1.2 Security Release (WordPress) WordPress 4.1.2 is now available. This is a critical security release for all previous versions and we strongly encourage you to update your sites immediately

Microsoft takes security to a new level with Device Guard (Tech Republic) Microsoft announced a new feature called Device Guard that prevents unauthorized or malicious code from executing on a Windows system

Twitter's new anti-abuse filter hides harassing tweets from your mentions (Naked Security) Twitter is cracking down on abusive accounts, announcing an updated violent threats policy, as well as a new filter that could block threatening messages before they are even seen by the intended victims

Cyber Trends

Secunia Vulnerability Review 2015 (Secunia) Key figures and facts on vulnerabilities from a global information security perspective

2015 Data Breach Investigations Report (DBIR): Strategic intelligence for cyber defenders (Threatbrief) The yearly Data Breach Investigations Report (DBIR), conducted by Verizon with contributions by over 70 organizations from around the world, has become an important yearly marker on the state of enterprise security

Cryptzone: Insider threats still pose biggest threat to companies (Tweaktown) Companies are still too slow to respond to cybersecurity issues, and insider threats pose a major threat, according to Cryptzone report

You have 60 minutes to respond to a cyber attack (IT Pro) Intel identifies "golden hour" response time, but UK firms take up to three months

Hybrid Warfare: Where's the Beef? (War on the Rocks) Lately, a lot has been said and written down on hybrid war and hybrid warfare. The hybrid war thesis has been advocated to depict the new reality of contemporary warfare

Marketplace

Cybersecurity stocks are soaring — here's why (MarketWatch) Cybersecurity stocks are soaring this week, helped by strong earnings reports, deal news and upbeat comments from Wall Street analysts

A Platonic Dialogue On Security By Benchmark's Matt Cohler (TechCrunch) Matt Cohler is a General Partner at Benchmark. He worked actively on the firm's early-stage venture investments in Domo, Duo Security, Instagram, Snapchat, Twitter, Tinder, Uber, Zendesk, and others, and serves on the boards of many of these companies. He was previously part of the founding team at LinkedIn and was the seventh employee at Facebook

Meet the Silicon Valley companies that top the list of cybersecurity innovators (Silicon Valley Business Journal) As security experts gather for the RSA security conference in San Francisco this week, Silicon Valley companies have earned top spots in the Cybersecurity 500 list of the most innovative companies in cybersecurity

Why FireEye Is Making so Many Big Moves (DCInno) FireEye (FEYE), the California-based cybersecurity company and parent of Virginia-based Mandiant, is on a tear

Can supply chain security assuage Huawei security concerns? (TechTarget) Huawei's U.S. CSO pitched the rigor of its supply chain security processes to RSA Conference 2015 attendees, but they remained skeptical at best on whether to trust the Chinese networking and security vendor

Products, Services, and Solutions

HP and FireEye partner to extend reach of cyber security services (V3) HP and FireEye have announced a partnership that will bring together their combined security tools and consulting expertise to offer customers a complete protection suite

Cisco, Elastica join forces on cloud security monitoring (Business Cloud News) Networking giant Cisco is teaming up with Elastica, a cloud security startup, in a move that will see the two firms combine their threat intelligence and cloud service monitoring technologies

Burp Suite Professional v1.6.13 Released (Toolswatch) Burp Suite is an integrated platform for performing security testing of web applications. Its various tools work seamlessly together to support the entire testing process, from initial mapping and analysis of an application's attack surface, through to finding and exploiting security vulnerabilities

BlackBerry introduces security offering for IoT devices (Reuters via Yahoo! Tech) BlackBerry Ltd said on Tuesday it is launching a new certificate service that will help bring the security level it offers on smartphones to a slew of devices from cars to smart meters

Technologies, Techniques, and Standards

Draft NISTIR 8053: De-Identification of Personally 3 4 Identifiable Information (National Institute of Standards and Technology) De-identification is the removal of identifying information from data. Several US laws, regulations and policies specify that data should be de-identified prior to sharing as a control to protect the privacy of the data subjects. In recent years researchers have shown that some de-identified data can sometimes be re-identified. This document summarizes roughly two decades of de-identification research, discusses current practices, and presents opportunities for future research

Why source IT security auditing to external auditors? (IT Security Guru) IT security auditing consists of creating quantifiable assessments of IT assets such as servers, client computers, hardware assets, applications running on them and the data stored within

The Rise of Counterintelligence in Malware Investigations (Dark Reading) The key to operationalizing cybersecurity threat intelligence rests in the critical thinking that establishes that a given indicator is, in fact, malicious

Academia

Once a field of self-taught hackers, cybersecurity education shifts to universities (Christian Science Monitor Passcode) Over the past year, colleges and universities across the country have received millions in funding from the government and foundations to launch cybersecurity initiatives. The result is a stark change for an industry made up of programmers who have often learned by trial and error

RIT cyber team goes on defense in national hacker event (Democrat and Chronicle) Picture this: You're on your computer, furiously trying to ward off one attack after another from professional hackers

Legislation, Policy, and Regulation

House Passes Cybersecurity Bill After Companies Fall Victim to Data Breaches (New York Times) Responding to a series of computer security breaches in government and the private sector, the House passed an expansive measure Wednesday that would push companies to share access to their computer networks and records with federal investigators

Companies Sharing Hacking Data Get Legal Shield in U.S. Bill (BloombergBusiness) Companies that share information on hacking threats with each other and U.S. law enforcement would be shielded from lawsuits under a House bill passed Wednesday over the objections of privacy advocates

Cyber bill's progress shows shifting mood on threats (Financial Times) A bill that would push companies into sharing information about hacking threats with the US government passed the House of Representatives on Wednesday, in a victory for the Obama administration's main proposal for dealing with growing cybersecurity threats

Threat Intelligence Sharing Still Seen as a Challenge (Threatpost) The discussion about information sharing has been going on in the security community since before there was a security community, but the tone and shape of the conversation have changed recently thanks to an executive order from the Obama administration and the relentless drumbeat of attacks and data breaches. The benefits of sharing threat intelligence are clear, but at the moment, experts say, not enough organizations are enjoying those benefits

House bill slashes research critical to cybersecurity (ComputerWorld) Computer science funding increases but human behavior research is cut deeply

'Aaron's Law' back in Congress to bring "long overdue" fix of US hacking law (Naked Security) More than 2 years after US Rep. Zoe Lofgren (D.-Calif.) proposed legislation that would dial back the ferocity of the charges used against internet activist Aaron Swartz, "Aaron's Law" has resurfaced in Congress, with bipartisan support

New Pentagon cyber strategy to discuss nation's offensive capabilities (Baltimore Sun) Defense Secretary Ashton B. Carter will lay out the military's new strategy for fighting battles over computer networks Thursday, today, officials said, revealing what analysts say appears be a tougher, more offensive approach to cyber warfare

Privacy advocates seek more openness on NSA surveillance (Detroit Free Press) As Congress considers whether to extend the life of a program that sweeps up American phone records, privacy advocates and civil liberties groups say too much about government surveillance remains secret for the public to fully evaluate its reach or effectiveness

Department of Homeland Security hopes to influence tech companies with new Silicon Valley office (Fortune) The department's new satellite office is an attempt to gain support from companies who see cybersecurity and data sharing issues differently

Litigation, Investigation, and Law Enforcement

U.S. judge cancels patents on eve of Trend Micro trial (Reuters) A U.S. judge has invalidated two patents owned by Intellectual Ventures just weeks before its lawsuit against Japanese security software provider Trend Micro Inc over the same patents was set to go to trial

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Upcoming Events

RSA Conference 2015 (San Francisco, California, USA, April 20 - 24, 2015) Don't miss this opportunity to join thousands of industry professionals at the premier information security event of 2015

Australian Cyber Security Centre Conference (Canberra, Australia, April 22 - 23, 2015) The Australian Cyber Security Centre (ACSC) will be hosting its first cyber security conference in 2015. We are bringing leading cyber security experts from Australia and abroad to share their expertise.

Security Forum 2015 (Hagenberg im Mühlkreis, Austria, April 22 - 23, 2015) The Security Forum is the annual IT security conference in Hagenberg that addresses current issues in this domain. Visitors are offered technical as well as management-oriented talks by representatives...

CyberTexas / CyberIOT (San Antonio, Texas, USA, April 23 - 24, 2015) CyberIOT — Securing the Internet of Things. As more everyday devices become connected to the internet, the need for securing those items becomes critical. CyberTexas will explore the intersection...

Defensive Cyberspace Operations & Intelligence Conference & Exhibition (Washington, DC, USA, April 27 - 28, 2015) The 5th Annual Defensive Cyberspace Operations & Intelligence (DCOI) conference & exhibition is an Israeli-American partnership promoting the extraordinary developments in the technological, intelligence...

INTEROP Las Vegas (Las Vegas, Nevada, USA, April 27 - May 1, 2015) Attend Interop Las Vegas, the leading independent technology conference and expo designed to inspire, inform, and connect the world's IT community. In 2015, look for all new programs, networking opportunities,...

INFWARCON (Nashville, Tennessee, USA, April 28 - 30, 2015) INFWARCON takes a look at how the balance has flipped in the past 20 years in the cyber security industry. Back then, governments had the upper hand, and could not imagine that cyber criminals could ever...

Southern Africa Banking and ICT Summit (Lusaka, Zambia, April 30, 2015) The South Africa Banking and ICT Summit is the exclusive platform to meet industry thought leaders and decision makers, discover leading edge products and services and discuss innovative strategies to...

2015 Synergy Forum (Tysons Corner, Virginia, USA, April 30, 2015) The 2015 Synergy Forum brings together government and industry practitioners driving our collective technology futures. This event is multi-disciplinary, examining the emerging fusion of physical and digital...

WAHCKon Perth 2015 (Perth, Western Australia, Australia, May 2 - 3, 2015) WAHCKon is a Perth based hacker conference that launched in 2013. We cover a wide range of topics focusing on Information security and Hacker subculture as well as locksports, activism and related areas...

Cloud Security Alliance Federal Summit (Washington, DC, USA, May 5, 2015) The Cloud Security Alliance Federal Summit, is a one day free-for-government event taking place at the Ronald Reagan Building and International Trade Center and is expected to draw 250 information security...

Amsterdam 2015 FIRST Technical Colloquium (Amsterdam, the Netherlands, May 5 - 6, 2015) FIRST Technical Colloquia & Symposia provide a discussion forum for FIRST member teams and invited guests to share information about vulnerabilities, incidents, tools and all other issues that affect the...

AFCEA Defensive Cyber Operations Symposium (Baltimore, Maryland, USA, May 5 - 7, 2015) The U.S. Defense Information Systems Agency's new operational role in the cyber domain as network defender creates a formal relationship between DISA, U.S. Cyber Command and the command's military service...

California Cybersecurity Task Force Quarterly Meeting (Walnut Creek, California, USA, January 20, 2015) The California Cyber Security Task Force serves as an advisory body to California's senior government administration in matters pertaining to Cyber Security. Quarterly Cybersecurity Task Force meetings...

DaytonDefense Ohio Cyber Dialogue with Industry Conference (Dayton, Ohio, USA, May 6 - 7, 2015) Our Cyber Security conference presents how Cyber Security affects you as an individual, your company, and your nation, along with business opportunities in this growing area. You will walk away with an...

Suits and Spooks London (London, England, UK, September 12, 2014) On September 12th, in London's South bank neighborhood of Southwork, approximately 50 former intelligence officials, corporate executives, and security practitioners from the U.S. and the EU will gather...

Fraud Summit London (London, England, UK, May 7, 2015) ISMG's Fraud Summit is a one-day event focused exclusively on the top fraud trends impacting organizations and the mitigation strategies to overcome those challenges. Highlights of the London event include...

Apple Security Talks & Craft Beer (Laurel, Maryland, USA, May 8, 2015) The world's first security summit held at a production brewery. Join some of the world's best Apple security researchers as they talk about iOS, OS X, Apple hardware and other Apple-related security topics...

DzHack Event 2015 (Ben Aknoun, Algiers, Algeria, May 9, 2015) DzHackEvent is a security event will contain conferences, workshops, and a challenge (CTF). Aiming to bring together security professionals, students, searcher, ethical hacker enthusiasts or simply technology...

12th CISO Summit & Roundtable Geneva 2015 (Geneva, Switzerland, May 11 - 13, 2015) The 12th CISO Summit will give you direct insights from Europe's most experienced CISOs, you will get the latest top hot buttons and focuses from other CISOs for the coming 5 years — shared predictions...

NG Security Summit (San Antoino, Texas, USA, May 11 - 13, 2015) The NG Security Summit bringx together more than sixty-five relevant CISOs from the private and public sector for a high level summit where they will workshop to benchmark, identify, and tackle key challenges.

Cybergamut Tech Tuesday: An Hour in the Life of a Cyber Analyst (Hanover, Maryland, USA, May 12, 2015) This hands-on workshop will demonstrate how easy it is for a breach to occur by analyzing a virtualized web server environment. Participants will use open source tools such as port scanners and protocol...

MCRCon (Ypsilanti, Michigan, USA, May 12, 2015) Please join the Michigan Cyber Range for the third annual MCRCon cybersecurity conference. MCRCon 2015 will focus on hacking prevention, incident handling, forensics and post-event public relations. MCRCon...

Houston Secure World (Houston, Texas, USA, May 13, 2015) Join your fellow security professional for affordable, high-quality cybersecurity training and education at a regional conference near you. Earn CPE credits while learning from nationally recognized industry...

QuBit 2015 Cybersecurity Conference (Prague, Czech Republic, May 13 - 15, 2015) QuBit brings together top experts and leaders in the field, from the private sector, to academia, to government. The main topics this year are APTs, the Internet of Things, and Digital Forensics, which...

Michgan InfraGard 2015 Great Lakes Regional Conference: Securing Our Critical Infrastructures (Novi, Michigan, USA, May 14, 2015) Learn all about the risks to critical infrastructures and key resources and the efforts underway to protect them. Private and public sectors will be represented. The conference will include four breakout...

THOTCON 0x6 (Chicago, Illinois, USA, May 14 - 15, 2015) THOTCON (pronounced \ˈthȯt\ and taken from THree - One - Two) is a hacking conference based in Chicago IL, USA. This is a non profit non-commercial event looking to provide the best conference possible...

International Conference on Cyber Security (ICCS) 2015 (Redlands, California, USA, May 16 - 17, 2015) The ICCS 2015 serves as a platform for researchers and practitioners from academia, industry, and government to present, discuss, and exchange ideas that address real-world problems with CYBER SECURITY.

FS-ISAC & BITS Annual Summit (Miami Beach, Florida, USA, May 17 - 20, 2015) The Financial Services Information Sharing and Analysis Center (FS-ISAC), is a non-profit association comprised of financial institution members, that is dedicated to protecting the global financial services...

2015 Cyber Risk Insights Conference — Chicago (Chicago, Illinois, USA, May 18, 2015) Advisen again brings its acclaimed Cyber Risk Insights Conference series to Chicago with a full-day event addressing the critical privacy, network security and cyber insurance issues confronting risk professionals...

IEEE Symposium on Security and Privacy (San Francisco, California, USA, May 19 - 22, 2013) Since 1980, the IEEE Symposium on Security and Privacy has been the premier forum for the presentation of developments in computer security and electronic privacy, and for bringing together researchers...

Fraud Summit Chicago (Chicago, Illinois, USA, May 19, 2015) ISMG's Fraud Summit is a one-day event focused exclusively on the top fraud trends impacting organizations and the mitigation strategies to overcome those challenges. Highlights of the Chicago event include...

NCCOE Speaker Series: The Cyber Danger: Problems of Strategic Adaptation (Rockville, Maryland, USA, May 20, 2015) Lucas Kello (Senior Lecturer in International Relations / Director of Cyber Studies Program, Oxford University, and Associate of the Science, Technology & Public Policy Program, Belfer Center for Science...

3rd Annual Georgetown Cybersecurity Law Institute (Washington, DC, USA, May 20 - 21, 2015) In 2015, it is more important than ever that in-house and outside counsel stay abreast of the most current developments and best practices in cybersecurity. Those lawyers who ignore cyber threats are risking...

AFCEA Spring Intelligence Symposium 2015 (Springfield, Virginia, USA, May 20 - 21, 2015) The Symposium will be a one-of-a-kind event designed to set the tone and agenda for billions of dollars in IC investment. Leaders from all major IC agencies, from the ODNI, IARPA, and the National Intelligence...

SOURCE Conference (Boston, Massachusetts, USA, May 25 - 28, 2015) SOURCE is a computer security conference happening in Boston, Seattle, and Dublin that is focused on offering education in both the business and technical aspects of the security industry. The event's...

7th International Conference on Cyber Conflict (Tallinn, Estonia, May 26 - 29, 2015) CyCon is the annual NATO Cooperative Cyber Defence Centre of Excellence conference where topics vary from technical to legal, strategy and policy. The pre-conference workshop day, 26 May, features a variety...

HITBSecConf2015 Amsterdam (De Beurs van Berlage, Amsterdam, The Netherlands, May 26 - 29, 2015) This year's event will feature a new training courses. Keynote speakers include Marcia Hofmann and John Matherly. To encourage the spirit of inquisitiveness and innovation, Haxpo will showcase cutting...

1st Annual Billington Corporate Cybersecurity Summit (New York, New York, USA, May 27, 2015) Join Billington CyberSecurity's unparalleled network of cybersecurity professionals as they provide hard-earned insights and education to a high level and exclusive group of attendees from the corporate...

Atlanta Secure World (Atlanta, Georgia, USA, May 27 - 28, 2015) Join your fellow security professional for affordable, high-quality cybersecurity training and education at a regional conference near you. Earn CPE credits while learning from nationally recognized industry...

Techno Security & Forensics Investigations Conference (Myrtle Beach, South Carolina, USA, May 31 - June 3, 2015) The Seventeenth Annual International Techno Security & Forensics Investigations Conference will be held May 31 ? June 3 in sunny Myrtle Beach at the Myrtle Beach Marriott Resort. This conference promises...

Mobile Forensics World (Myrtle Beach, South Carolina, USA, May 31 - June 3, 2015) The Eighth Annual Mobile Forensics World will also be held May 31 ? June 3 in sunny Myrtle Beach at the Myrtle Beach Marriott Resort. The Mobile Forensics World is specifically dedicated to Federal, State...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.